I woke up to ten or so first-time comments* in the moderation queue at Speed Force this morning. As I started reading them I was briefly confused: they were well-written, specific comments about comic books… that had nothing to do with the posts they were attached to. Complaining about Bendis’ writing on an interview with Paul Ryan (the artist, not the politician). Gushing about an Ultra-Humanite figure on a review of a Flash comic. Tips on finding exclusive Aquaman figures on a Flash TV episode review.

Then I felt strangely nostalgic, because I hadn’t seen this sort of spam in a long time.

As near as I can tell, the spammer finds a related site, scrapes comments from it, and pastes them into the target site. To what end I’m not sure, because the comments all linked to Facebook profiles. Most comment spam seems to be about link generation to prop up a spamvertised site in search rankings. But sure enough, when I searched for phrases from the spammy comments, I found the originals on a Daredevil fan blog, an action figure site, an artist’s blog, and so on.

I’ve got to give the spammer a little credit for two things:

  1. Finding actual comics-related blogs to scrape comments from.
  2. Inserting typos to make it harder to match. Though Google’s pretty good at fixing those.

In the end, though…

*plonk!*

*I have WordPress set up so that first-time commenters always go through moderation, while returning commenters are allowed through unless they trip a filter.

Spam is annoying at the best of times, but over the years I’ve learned to tune it out (and in some cases find amusement in it). But a spam comment that I’ve been seeing across several blogs lately is just plain insulting.

I see a lot of interesting content on your page. You have to spend a lot of time writing, i know how to save you a lot of time, there is a tool that creates unique, SEO friendly posts in couple of minutes… [Search terms omitted because I don’t want to give them the publicity.]

Right: So I’ve got interesting content, I clearly spend a lot of time writing, but you’re telling me I should use some tool to auto-generate everything instead. Autogenerate this, jerkwad!

Though I do have to admit I’m amused at the idea of autogenerated spam clogging up the comment sections of autogenerated articles…

Here’s another comment spammer whose software plugged in every phrase on its generic comment list instead of picking one at random. Notice how vague these tend to be, so that they could easily apply to almost any post on almost any site.

If you see any of these comments show up on your blog, chances are good that it’s a spammer trying to get a backlink to their shady site, not someone who actually wants to contribute to the conversation.

(Originally cross-posted from LOL Spam)


You’ve probably seen it: comments that say something entirely vague and either flattering or condescending, that could apply to just about any article. And then they link to an “escort” site, or a pill seller…or some small-town insurance office in the middle of nowhere who hired a black hat “SEO expert” who promised he’d get them backlinks and doesn’t care about the site’s reputation.

I got a great one last week: Somehow instead of getting one randomly-chosen message from a set, I got all of them in one comment:

I’ve been seeing a lot of those “I just found your blog by searching and it’s the best thing since sliced bread” comment spams lately, some even slipping through Akismet. But this one was just hilarious in its unreadability:

Virtuous what I used to be in search of and quite thoroughgoing as floor. Many thanks for placard this, I noticed a yoke diverse associated posts but yours was the optimum thus far. I outlook it stays updated, adore worry.

I found a sneaky type of spambot this morning. It was impersonating regular commenters on Speed Force, using their names and (at first glance) email addresses to blend in.

The names weren’t terribly surprising, but the email addresses were. Where had it gotten them? WordPress shouldn’t reveal them, unless there’s a bug somewhere. Was one of my plugins accidentally leaking email addresses? Had someone figured out a way to correlate Gravatar hashes with another database of emails?

As I looked through the comments, I realized that in most cases, it wasn’t the commenter’s usual email address. Here’s what the spambot was doing:

  1. Extract the author’s name and website from an existing comment.
  2. Construct an email address using the author’s first name and the website’s domain name.
  3. Post a comment using the extracted name, the constructed email, and a link to the spamvertised site.

The actual content (if you can call it that) of the comments was just a random string of numbers, and the site was a variation on “hello world,” leading me to suspect that it might be a trial run. Certainly they could have been a lot sneakier: I’ve seen comment spam that extracts text from other comments, or from outbound links, or even from related sites to make it look like an actual relevant comment.

I’d worry about giving them ideas, but I suspect it’s already the next step in the design.

Update: They came back for a second round, this time here at K2R, and I noticed something else: It only uses the first name for the constructed email address, but does so naively, just breaking the name by spaces. This is particularly amusing with names like “Mr. So-and-so,” where it creates an address like mr@example.com, and pingbacks, where the “name” is really the title of a post.
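A moderation-side check for the pattern described above, as an added example that is not from the original post or from WordPress: it rebuilds the address the bot would construct for a known commenter and flags a comment that uses it, including the case where the guess happens to equal the real address but the link points somewhere new. The commenter records, the field names and the lowercasing and punctuation-stripping of the first name are assumptions.

```python
import re
from urllib.parse import urlparse

# Constructed sample data: display name -> (email on record, website on record).
KNOWN = {
    "Dana Reader": ("dreader@mail.example", "https://www.danareads.example/blog"),
    "Mr. So-and-so": ("someone@mail.example", "http://example.com"),
    "Lee": ("lee@leecomics.example", "https://leecomics.example"),
}

def site_domain(url):
    """Host of a commenter's website, lowercased, without a leading 'www.'."""
    host = urlparse(url if "//" in url else "//" + url).hostname or ""
    return re.sub(r"^www\.", "", host.lower())

def guessed_email(name, website):
    """Address the bot would build: first space-separated word @ site domain.
    Lowercasing and dropping punctuation is an assumption (the mr@example.com case)."""
    words, domain = name.split(), site_domain(website)
    local = re.sub(r"[^a-z0-9]", "", words[0].lower()) if words else ""
    return f"{local}@{domain}" if local and domain else None

def classify(comment, known=KNOWN):
    """Return 'first-time', 'returning', 'impersonation' or 'name-reuse'."""
    record = known.get(comment["name"])
    if record is None:
        return "first-time"
    real_email, website = record
    email = comment["email"].strip().lower()
    url_changed = site_domain(comment["url"]) != site_domain(website)
    # Email equals the bot's guess: suspicious unless it is also the address
    # on record AND the link still points at the commenter's own site.
    if email == guessed_email(comment["name"], website):
        if email != real_email.lower() or url_changed:
            return "impersonation"
    if email == real_email.lower():
        return "returning"
    return "name-reuse"  # known name, unfamiliar address: hold for review

def comment(name, email, url):
    """Build a comment record in the shape classify() expects."""
    return {"name": name, "email": email, "url": url}
```

Anything other than "returning" would go to the moderation queue rather than being published automatically.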

While cleaning out the comment spam folder on Speed Force, I found this gem:

Hi this is a attempt to get noticed on the world wide web and hopefully spread the word about our services. It would be kind of you if you allow me to share my online marketing one the site. The company name is [REDACTED]. Thanks

I suppose you’ve got to give them points for honesty.